This lecture dives into how we may add authorization to API Gateway endpoints.

How to add Authorization to API Gateway

02:12

When we talk about protecting API Gateway Endpoints, we of course have to look at the features it offers us. Custom Authorizers are one of these features. Let's learn what these are about!

Understanding Custom Authorizers (API Gateway)

04:01

Now that we learned what custom authorizers are, it's time to dive into building our first custom authorizer function.

Creating a Custom Authorizer Function

10:12

When creating custom authorizers, there is a set of input data you will receive and a certain format of output data you should provide. Learn more about that in this lecture.

Custom Authorizers: Provided Input & Expected Output

00:42

Make sure to read this lecture to avoid errors when setting up the cognito authorizer.

MUST READ: New UI for setting up Custom Authorizers

00:08

We got our own authorizer function finished, with that, it's time to use it!

Using Custom Authorizers

05:50

It's great that we can control who's allowed to access our resources and who's not. But it would be even better if we could also retrieve the user who was granted access!

Retrieving Users from Custom Authorizers

06:09

With the basics about authorization explained, it's time to do the next step and see how we can also add a complete auth (sign up + sign in) flow to our existing apps. Learn how AWS Cognito helps you with that!

What is AWS Cognito?

02:27

We're using AWS Cognito in this module - time to share some useful links.

AWS Cognito: Useful Resources & Links

00:11

AWS Cognito actually consists of two parts. Learn more about these parts in this lecture!

Cognito User Pools and Federated Identities

01:31

With the basics about Cognito (and Cognito User Pools) set, let's now dive into creating our first User Pool!

Creating a Cognito User Pool

08:13

AWS Cognito handles a lot of things for your, it's key to understand what it does though! This lecture explores the Cognito Auth Flow.

Understanding the Cognito Auth Flow

03:19

We're going to add Cognito to an example web app in this course. The app is built with Angular. No worries, you don't need to know Angular!

The Example Web App, Angular and TypeScript

00:21

Time to add Cognito to a frontend app! This lecture gets you started with that step.

Adding Cognito to a Frontend App - Getting Started

05:28

Don't plan on building a web app? No problem at all, AWS Cognito also offers comparable SDKs for iOS and Android apps!

Using Cognito in iOS or Android Apps

00:11

Before users can sign in, they of course need to be able to sign up. Let's add such a functionality in this lecture.

Adding Signup to the Frontend App

12:00

It's great that users can sign up, but we probably want to verify their email address. Learn how to easily add user confirmation in this lecture.

Adding User Confirmation to a Frontend App

04:08

Users are able to sign up and confirm their mail addresses, time to provide a login functionality!

Adding Signin to a Frontend App

05:50

We also want to manage the user state (e.g. "Is the user logged in?"). Learn how to easily implement that via Cognito.

Managing User State with Cognito

03:48

Now that Cognito handles the full authentication flow, it's time to also use it to authorize incoming requests on API Gateway. Learn more about that in this lecture.

Using a Cognito Authorizer with API Gateway

02:46

With the change from a custom authorizer to a Cognito authorizer, we also need to adjust the way we pass the ID on to Lambda.

Passing the right User ID to Lambda

06:43

We could almost finish the app now but let's also learn how to use Cognito from within a lambda function and how to pass query params to an API endpoint.

Using Query Params & Cognito from Lambda

07:59

In the last lecture, we used the Cognito Identity Service Provider. Want to learn more about the methods we used? This lecture helps you!

More on the Cognito Identity Service Provider

00:10

We expect to get query params on the backend, we should therefore probably pass them from the frontend. Let's do so now!

Passing Query Params from the Frontend

03:50

We're almost done with this module, let's now also pass the user id to the DELETE API endpoint.

Let me round this course up and give you an overview over what you learned!

Roundup

01:00

Bonus: More Content!

00:20

Requirements

You should have a basic understanding about what AWS (Amazon Web Services) is or bring the willingness to learn more about them alongside taking this course

You will need a credit card to create an AWS account

You should have a basic understanding about what APIs and SPAs (Single-Page-Applications) are and what role they play in modern web development

You don't need to be anything close to an AWS expert!

You don't need to have advanced API/ SPA knowledge!

Description

Serverless computing will shape the future of web development since it allows you to get rid of many issues "traditional" web hosting poses.

Now's the time to dive into this exciting new technology!

Unlike in traditional web hosting, where you spin up servers, configure them and then deploy your code, in serverless applications, you don't manage any servers! Instead, you only provide your code and define when it should get executed. Done!

Without managing any servers, you typically pay way less (since you got no overhead capacity), can react much better to incoming traffic spikes and don't have to worry about server security!

For these very reasons, it's no wonder that serverless computing is on the rise, with more and more companies adopting it! Learn it now to gain an edge and either use it for your own projects or apply for high-paid jobs!

What does this course offer then?

This course will introduce you to serverless computing and then quickly dive into how to build serverless apps with Amazon Web Services (AWS).

Specifically, you will learn:

how you can build a REST API without worrying about servers, using AWS API Gateway

how you can store data in a database - naturally without managing any database servers!

We won't stop there though! Instead, you'll then dive even deeper into serverless computing and learn:

how you can add user authentication to your existing frontend apps and how you can then also protect your REST API against unauthenticated access with ease!

how you can easily integrate a complete user sign up & sign in flow (including user confirmation) into ANY app (web app, iOS or Android app!) with AWS Cognito

how to deploy your web app in a serverless manner

how to speed up the delivery of your static web app assets

how to secure your serverless app

what else you can build with the services covered in this course and which other services might be interesting to you

where to dive deeper regarding advanced development workflows

and much more!

Is this course for you?

Now that you know what this course offers, is it the right choice for you? Which skills should you bring?

This course is absolutely the right choice for you if you're interested in providing great web applications without worrying about the provisioning of servers.

It's also the right choice if you already got experience as a system administrator but are interested in keeping up with the latest developments and the many new possibilities serverless computing offers.

You will need some basic AWS knowledge, or the willingness to dive deeper into AWS alongside taking this course. Additionally, a credit card is required for signing up to AWS.

Finally, you should be familiar with APIs and SPAs (Single-Page-Applications) and which role they play in today's web development environment. You don't need to know how to create them though.

I'd be very happy to welcome you on board!

Who this course is for:

Anyone who's interested in focusing on the core business logic instead of the infrastructure needed to run an API and/ or SPA

Anyone who wants to use modern techniques to create highly scalable and extremely cost-efficient web apps

Anyone who works with APIs and/ or SPAs on a regular basis and wants to learn how to create flexible and cost-effective web apps

Every developer who loves the "Dev" in "DevOps" but would be happy to make the "Ops" part easier

Featured review

Zoe Ischuros
(
80 courses,
16 reviews
)

a year ago

Max rocks. I appreciate his explanations and detail. This IS just what I needed. (I am rather tired of cursory treatment of AWS features by some other instructors. Some of that is understandable because they are focusing on something else. But Max provides important 'digressions'. Moreover, his careful illustrations are helpful and, taking the care he does, repeated at key points in various lectures. (Resolution: Take as many Max courses as I can.)